diff options
author | netblue30 <netblue30@yahoo.com> | 2016-11-20 10:25:29 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-11-20 10:25:29 -0500 |
commit | 0c207322206d3882a9ccf2145531a8105885c12e (patch) | |
tree | 415e8c372c0631b276baf57b0747de79d9d04265 /etc/gnome-documents.profile | |
parent | Merge pull request #923 from vn971/seccomp-explain-audit (diff) | |
parent | fixed mudpf profile for debian (diff) | |
download | firejail-0c207322206d3882a9ccf2145531a8105885c12e.tar.gz firejail-0c207322206d3882a9ccf2145531a8105885c12e.tar.zst firejail-0c207322206d3882a9ccf2145531a8105885c12e.zip |
Merge pull request #924 from valoq/master
Many new profiles
Diffstat (limited to 'etc/gnome-documents.profile')
-rw-r--r-- | etc/gnome-documents.profile | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/etc/gnome-documents.profile b/etc/gnome-documents.profile new file mode 100644 index 000000000..c5def7aff --- /dev/null +++ b/etc/gnome-documents.profile | |||
@@ -0,0 +1,24 @@ | |||
1 | # gnome-documents profile | ||
2 | |||
3 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them | ||
4 | |||
5 | noblacklist ~/.config/libreoffice | ||
6 | |||
7 | include /etc/firejail/disable-common.inc | ||
8 | include /etc/firejail/disable-programs.inc | ||
9 | include /etc/firejail/disable-devel.inc | ||
10 | include /etc/firejail/disable-passwdmgr.inc | ||
11 | |||
12 | caps.drop all | ||
13 | nogroups | ||
14 | nonewprivs | ||
15 | noroot | ||
16 | nosound | ||
17 | protocol unix | ||
18 | seccomp | ||
19 | netfilter | ||
20 | shell none | ||
21 | tracelog | ||
22 | |||
23 | private-tmp | ||
24 | private-dev | ||